-
94f7dd5...
by
Joe Guo
-
juju_bundle_export.py: rename to juju_bundle_sanitize.py
Main purpose of this script is to parse juju bundle and mask secrets from it.
The original name is not accurate and misleading.
Signed-off-by: Joe Guo <email address hidden>
-
4210b3d...
by
Joe Guo
-
juju_bundle_export.py: bypass question mark for empty key
In bindings section, option with empty key is allowed:
bindings:
"": internal-space
However, after read bundle with pyyaml, it will be dumped to:
bindings:
? ''
: internal-space
`?` and space is used by yaml spec to indicate complex mapping keys:
https://yaml.org/spec/1.2/spec.html#id2760695
For some reason, empty str is also considered as complex key here, and there is no way to turn that off in pyyaml.
It's still valid yaml syntax, but may confuse people.
This patch replace empty key to a placeholder, and replace it back after
dump, to bypass this issue.
Reviewed-on: https://code.launchpad.net/~canonical-bootstack/bootstack-ops/+git/bootstack-ops/+merge/384084
Reviewed-by: Xav Paice <email address hidden>
-
8c20339...
by
Joe Guo
-
juju_bundle_export.py: bypass question mark for empty key
In bindings section, option with empty key is allowed:
bindings:
"": internal-space
However, after read bundle with pyyaml, it will be dumped to:
bindings:
? ''
: internal-space
`?` and space is used by yaml spec to indicate complex mapping keys:
https://yaml.org/spec/1.2/spec.html#id2760695
For some reason, empty str is also considered as complex key here, and there
is no way to turn that off in pyyaml.
It's still valid yaml syntax, but may confuse people.
This patch replace empty key to a placeholder, and replace it back after
dump, to bypass this issue.
RT: #125919
Signed-off-by: Joe Guo <email address hidden>
-
2c6ef76...
by
Joe Guo
-
juju-bundle-export-mask.py: rm redundant script
This script seems to be an older version of `juju_export_bundle.py`.
remove it to avoid confusing.
Reviewed-on: https://code.launchpad.net/~canonical-bootstack/bootstack-ops/+git/bootstack-ops/+merge/384086
Reviewed-by: Xav Paice <email address hidden>
-
79c4610...
by
Joe Guo
-
juju_bundle_export.py: add ssl_chain to MASK_KEYS
`ssl_chain` from nagios charm should also be masked.
Reviewed-on: https://code.launchpad.net/~canonical-bootstack/bootstack-ops/+git/bootstack-ops/+merge/384081
Reviewed-by: Xav Paice <email address hidden>
-
17f1471...
by
Joe Guo
-
juju_bundle_export.py: use logging for diagnosis info
currenly, both diagnosis info and sanitized bundle yaml are printed to stdout.
this patch uses logging for diagnosis info, which will print to stderr instead of stdout.
This will be helpful to exclude diagnosis info when we redirect the output to file with `>` or `tee`.
Reviewed-on: https://code.launchpad.net/~canonical-bootstack/bootstack-ops/+git/bootstack-ops/+merge/384082
Reviewed-by: Xav Paice <email address hidden>
-
1785294...
by
Joe Guo
-
juju_bundle_export.py: keep secret option keys and mask values as '[REDACTED]'
Currently while sanitizing juju bundles with this script, secret options
like `ssl_ca` will be totally absent from the output, including keys.
This patch changes the behavior that it will keep any option keys, but
mask secret option values as "[REDACTED]".
RT: #125919
Reviewed-on: https://code.launchpad.net/~canonical-bootstack/bootstack-ops/+git/bootstack-ops/+merge/384080
Reviewed-by: Xav Paice <email address hidden>
-
8a14451...
by
Joe Guo
-
juju_bundle_export.py: keep secret option keys and mask values as '[REDACTED]'
Currently while sanitizing juju bundles with this script, secret options
like `ssl_ca` will be totally absent from the output, including keys.
This patch changes the behavior that it will keep any option keys, but
mask secret option values as "[REDACTED]".
RT: #125919
Signed-off-by: Joe Guo <email address hidden>
-
a9fbfa0...
by
Joe Guo
-
juju-bundle-export-mask.py: rm redundant script
This script seems to be an older version of `juju_export_bundle.py`.
remove it to avoid confusing.
Signed-off-by: Joe Guo <email address hidden>
-
c14d737...
by
Joe Guo
-
juju_bundle_export.py: use logging for diagnosis info
currenly, both diagnosis info and sanitized bundle yaml are printed to stdout.
this patch uses logging for diagnosis info, which will print to stderr instead of stdout.
This will be helpful to exclude diganosis info when we redirect the output to file with `>` or `tee`.
Signed-off-by: Joe Guo <email address hidden>
This merge proposal is being monitored by mergebot. Change the status to Approved to merge.